WordPress Vulnerabilities Database

WordPress <= 4.4.1 - Open Redirect

Product

WordPress

Description

This vulnerability in the wp_validate_redirect function in wp-includes/pluggable.php allows an attacker to redirect users to arbitrary web sites and conduct phishing attacks via a malformed URL which triggers incorrect hostname parsing.